Apple Security Advisory 2012-11-29-1 – Apple TV 5.1.1 is now available and addresses information disclosure and code execution vulnerabilities.
This Metasploit module exploits a buffer overflow in Apple QuickTime 7.7.2. The stack-based overflow occurs when processing a malformed Content-Type header. The module has been tested successfully on Safari 5.1.7 and 5.0.7 on Windows XP SP3.
Oracle OpenSSO 8.0 Multiple XSS POST Injection Vulnerabilities
Apple WGT Dictionnaire version 1.3 suffers from a script code injection vulnerability.
This Metasploit module exploits a vulnerability found in Apple QuickTime.
The Twitter 5.0 application for iPhone retrieves images over HTTP, which allows a man-in-the-middle attack / image swap. A proof of concept is included.
PHP Server Monitor Stored XSS
Apple QuickTime versions 7.7.2 and below suffer from a buffer overflow vulnerability in the handling of TGA files.
Zero Day Initiative Advisory 12-185 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Mac OSX. Authentication is not required to exploit this vulnerability.
Guidelines for Pentesting a Joomla Based Site